Principle one of the Data Protection Act 1998 provides that your personal data shall be processed fairly and lawfully. As part of the process of demonstrating fair and lawful processing, organisations when collecting your information should provide a fair processing notice or more usually called a privacy notice.

Generally, a privacy notice provides the reader with details about the organisation, what information it collects about you and what they will do with it and any other information which the organisation thinks you need know about to ensure you are fully aware of what is going to happen with your information. Based on such statements you will then decide whether you want to give them your information or not (albeit on many occasions you may feel you have no choice if you want to complete a transaction). An essential purpose of any privacy policy is to ensure that the organisation to which you will give your information collects and uses your information in a fair and lawful manner.

This sounds relatively straightforward; however, the Information Commissioner's Office "believes that some existing privacy notices contain too much legal jargon and are written to protect organisations, rather than to inform the public about how their information will be used." On the basis of this the ICO has launched a consultation on a new draft code of practice (the Code) aimed at helping organisations put together more 'user friendly' privacy notices. The 17 page Code contains drafting tips and examples of what the ICO would consider good practice and what it would consider bad practice.

Whilst the ICO highlights bad practices and the need to have clearer statements, the Code of Practice helpfully comments that "organisations should not be scared of using personal information in a reasonable way which people would expect" and highlights that where an organisation is "going to use personal information in a way that is controversial or unexpected, or if sensitive or confidential information is involved, organisations should ensure they explain this to people."

The ICO believes that the Code will help organisations comply with "one of he most important but most misunderstood parts of the Act." His consultation on the Code closes on 3rd April 2009.